
Merge pull request #566 from Lupul/dev-0730

Dev 0730
Zollner Robert 6 years ago
6e6bceaca1

+ 1 - 0
bin/v-add-web-domain-backend

@@ -26,6 +26,7 @@ source $HESTIA/conf/hestia.conf
 #----------------------------------------------------------#
 
 check_args '2' "$#" 'USER DOMAIN [TEMPLATE] [RESTART]'
+is_format_valid 'user' 'domain'
 is_system_enabled "$WEB_BACKEND" 'WEB_BACKEND'
 is_object_valid 'user' 'USER' "$user"
 is_object_unsuspended 'user' 'USER' "$user"

+ 1 - 0
bin/v-delete-user-favourites

@@ -32,6 +32,7 @@ case $system in
     DNS_REC)    is_format_valid 'id' ;;
     *)          is_format_valid 'object'
 esac
+is_format_valid 'user'
 is_object_valid 'user' 'USER' "$user"
 is_object_unsuspended 'user' 'USER' "$user"
 

+ 1 - 1
bin/v-delete-web-domain-backend

@@ -46,7 +46,7 @@ check_hestia_demo_mode
 #----------------------------------------------------------#
 
 # Defining pool directory
-pool=$(find -L /etc/php* -type d \( -name "pool.d" -o -name "*fpm.d" \))
+pool=$(find -L /etc/php/ -name "$domain.conf" -exec dirname {} \;)
 if [ ! -e "$pool" ]; then
     check_result $E_NOTEXIST "php-fpm pool doesn't exist"
 fi
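Review bot: The new `find` on the `pool=` line can return more than one directory when `$domain.conf` exists under several PHP versions in /etc/php/, and the newline-joined value then fails the `-e` test, so the script aborts with a misleading "php-fpm pool doesn't exist". Restricting to the first hit keeps the existence check meaningful: `pool=$(find -L /etc/php/ -name "$domain.conf" -exec dirname {} \; | head -n 1)`. Note also that `-name` treats `$domain` as a glob, so this relies on `is_format_valid 'domain'` having run earlier in the script (outside the hunk). A short comment such as `# Locate the pool directory that actually holds this domain's pool file` would explain why the lookup moved from generic pool.d discovery to a per-domain search.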

+ 1 - 0
bin/v-list-dns-domain

@@ -71,6 +71,7 @@ csv_list() {
 #----------------------------------------------------------#
 
 check_args '2' "$#" 'USER DOMAIN [FORMAT]'
+is_format_valid 'user' 'domain'
 is_object_valid 'user' 'USER' "$user"
 is_object_valid 'dns' 'DOMAIN' "$domain"
 

+ 1 - 0
bin/v-list-letsencrypt-user

@@ -56,6 +56,7 @@ csv_list() {
 #----------------------------------------------------------#
 
 check_args '1' "$#" 'USER [FORMAT]'
+is_format_valid 'user'
 is_object_valid 'user' 'USER' "$user"
 if [ ! -e "$USER_DATA/ssl/le.conf" ]; then
     check_result $E_NOTEXIST "LetsEncrypt user account doesn't exist"

+ 1 - 0
bin/v-list-mail-domain-dkim-dns

@@ -57,6 +57,7 @@ csv_list() {
 #----------------------------------------------------------#
 
 check_args '2' "$#" 'USER DOMAIN [FORMAT]'
+is_format_valid 'user' 'domain'
 is_object_valid 'user' 'USER' "$user"
 is_object_valid 'mail' 'DOMAIN' "$domain"
 

+ 1 - 0
bin/v-list-mail-domain-ssl

@@ -101,6 +101,7 @@ csv_list() {
 #----------------------------------------------------------#
 
 check_args '2' "$#" 'USER DOMAIN [FORMAT]'
+is_format_valid 'user' 'domain'
 is_object_valid 'user' 'USER' "$user"
 is_object_valid 'mail' 'DOMAIN' "$domain_idn"
 

+ 1 - 0
bin/v-list-user

@@ -156,6 +156,7 @@ csv_list() {
 #----------------------------------------------------------#
 
 check_args '1' "$#" 'USER [FORMAT]'
+is_format_valid 'user'
 is_object_valid 'user' 'USER' "$user"
 
 

+ 1 - 0
bin/v-list-user-backup

@@ -75,6 +75,7 @@ csv_list() {
 #----------------------------------------------------------#
 
 check_args '2' "$#" 'USER BACKUP [FORMAT]'
+is_format_valid 'user' 'backup'
 is_object_valid 'user' 'USER' "$user"
 is_object_valid 'backup' 'BACKUP' "$backup"
 

+ 1 - 0
bin/v-list-user-stats

@@ -115,6 +115,7 @@ csv_list() {
 #----------------------------------------------------------#
 
 check_args '1' "$#" 'USER [FORMAT]'
+is_format_valid 'user'
 is_object_valid 'user' 'USER' "$user"
 
 

+ 1 - 0
bin/v-list-web-domain

@@ -118,6 +118,7 @@ csv_list() {
 #----------------------------------------------------------#
 
 check_args '2' "$#" 'USER DOMAIN [FORMAT]'
+is_format_valid 'user' 'domain'
 is_object_valid 'user' 'USER' "$user"
 is_object_valid 'web' 'DOMAIN' "$domain"
 

+ 1 - 0
bin/v-list-web-domain-ssl

@@ -101,6 +101,7 @@ csv_list() {
 #----------------------------------------------------------#
 
 check_args '2' "$#" 'USER DOMAIN [FORMAT]'
+is_format_valid 'user' 'domain'
 is_object_valid 'user' 'USER' "$user"
 is_object_valid 'web' 'DOMAIN' "$domain"
 

+ 1 - 0
bin/v-list-web-domains

@@ -100,6 +100,7 @@ csv_list() {
 #----------------------------------------------------------#
 
 check_args '1' "$#" 'USER [FORMAT]'
+is_format_valid 'user'
 is_object_valid 'user' 'USER' "$user"
 
 

+ 1 - 1
bin/v-rebuild-mail-domain

@@ -31,7 +31,7 @@ fi
 #----------------------------------------------------------#
 
 check_args '2' "$#" 'USER DOMAIN'
-is_format_valid 'user'
+is_format_valid 'user' 'domain'
 is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM'
 is_object_valid 'user' 'USER' "$user"
 is_object_unsuspended 'user' 'USER' "$user"

+ 1 - 1
bin/v-rebuild-web-domain

@@ -27,7 +27,7 @@ source $HESTIA/conf/hestia.conf
 #----------------------------------------------------------#
 
 check_args '2' "$#" 'USER DOMAIN [RESTART]'
-is_format_valid 'user'
+is_format_valid 'user' 'domain'
 is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM'
 is_object_valid 'user' 'USER' "$user"
 is_object_unsuspended 'user' 'USER' "$user"

+ 2 - 2
func/domain.sh

@@ -91,8 +91,8 @@ prepare_web_backend() {
         backend_version="${BASH_REMATCH[1]}.${BASH_REMATCH[2]}"
         pool=$(find -L /etc/php/$backend_version -type d \( -name "pool.d" -o -name "*fpm.d" \))
     else
+        backend_version=$(php -r "echo (float)phpversion();")
         if [ -z "$pool" ] || [ -z "$BACKEND" ]; then 
-            backend_version=$(php -r "echo (float)phpversion();")
             pool=$(find -L /etc/php/$backend_version -type d \( -name "pool.d" -o -name "*fpm.d" \))
         fi
     fi
@@ -194,7 +194,7 @@ add_web_config() {
     format_domain_idn
 
     WEBTPL_LOCATION="$WEBTPL/$1"
-    if [ ! -z "$WEB_BACKEND" ] && [ -d "$WEBTPL_LOCATION/$WEB_BACKEND" ]; then
+    if [ "$1" != "$PROXY_SYSTEM" ] && [ ! -z "$WEB_BACKEND" ] && [ -d "$WEBTPL_LOCATION/$WEB_BACKEND" ]; then
         if [ -f "$WEBTPL_LOCATION/$WEB_BACKEND/$2" ]; then
             # check for backend specific template
             WEBTPL_LOCATION="$WEBTPL/$1/$WEB_BACKEND"
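Review bot: The relocated `backend_version=$(php -r "echo (float)phpversion();")` in the first hunk yields a one-component value for x.0 releases: PHP prints the float 7.0 as `7`, so the following `find -L /etc/php/$backend_version` looks under /etc/php/7 rather than /etc/php/7.0. Using the version constants avoids the cast: `backend_version=$(php -r 'echo PHP_MAJOR_VERSION . "." . PHP_MINOR_VERSION;')`. Moving the line above the `if [ -z "$pool" ] ...` test also means `php -r` now runs on every call through the else branch, which may be intended if `$backend_version` is used further down; `prepare_web_backend` starts and ends outside the hunk, so that could not be confirmed here. `$backend_version` in the `find` path is unquoted; quoting it would be consistent with the rest of the expansion.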

+ 2 - 1
func/main.sh

@@ -231,7 +231,8 @@ is_object_new() {
 # Check if object is valid
 is_object_valid() {
     if [ $2 = 'USER' ]; then
-        if [ ! -d "$HESTIA/data/users/$3" ]; then
+        tstpath="$(readlink -f "$HESTIA/data/users/$3")"
+        if [ "$(dirname "$tstpath")" != "$(readlink -f "$HESTIA/data/users")" ] || [ ! -d "$HESTIA/data/users/$3" ]; then
             check_result $E_NOTEXIST "$1 $3 doesn't exist"
         fi
     else
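Review bot: `tstpath` on the first added line is assigned without `local`, so the new variable leaks into the global scope of every script that calls `is_object_valid`; `local tstpath` before the assignment keeps it confined. The intent of the `dirname`/`readlink -f` comparison is not obvious from the code and deserves a comment such as `# Reject names that resolve outside $HESTIA/data/users (e.g. '..', absolute paths, symlinks pointing elsewhere)`. A side effect worth confirming: a legitimate user directory that is itself a symlink out of data/users would now be rejected by the same test. `is_object_valid` continues outside the hunk.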

+ 6 - 0
web/bulk/backup/exclusions/index.php

@@ -9,6 +9,12 @@ include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
 $backup = $_POST['system'];
 $action = $_POST['action'];
 
+// Check token
+if ((!isset($_POST['token'])) || ($_SESSION['token'] != $_POST['token'])) {
+    header('Location: /login/');
+    exit();
+}
+
 switch ($action) {
     case 'delete': $cmd='v-delete-user-backup-exclusions';
         break;
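Review bot: The token check compares with loose `!=`, which in PHP treats two numeric-looking strings numerically, and it does not verify that `$_SESSION['token']` is set at all; a strict, constant-time comparison is the safer form: `if (!isset($_POST['token'], $_SESSION['token']) || !hash_equals((string)$_SESSION['token'], (string)$_POST['token'])) {`. The same pattern is added in web/delete/backup/exclusion, web/edit/file, web/edit/ip, web/generate/ssl, web/restart/service, web/schedule/backup, web/schedule/restore, web/start/service and web/stop/service, so the helper is worth centralising in inc/main.php (presumably already included here) rather than repeating it per page. Reading `$_POST['system']` and `$_POST['action']` above the check is harmless but could move below it for clarity.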

+ 6 - 0
web/delete/backup/exclusion/index.php

@@ -9,6 +9,12 @@ if (($_SESSION['user'] == 'admin') && (!empty($_GET['user']))) {
     $user=$_GET['user'];
 }
 
+// Check token
+if ((!isset($_GET['token'])) || ($_SESSION['token'] != $_GET['token'])) {
+    header('Location: /login/');
+    exit();
+}
+
 if (!empty($_GET['system'])) {
     $v_username = escapeshellarg($user);
     $v_system = escapeshellarg($_GET['system']);
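Review bot: Carrying the token in `$_GET['token']` means it is written to web-server access logs, browser history and outgoing Referer headers, which weakens the CSRF protection the check is meant to provide; a POST form with a hidden field, as web/edit/file does, keeps it out of those places. The same GET transport is used in web/restart/service, web/schedule/backup, web/schedule/restore, web/start/service and web/stop/service. If the links must stay GET for now, a comment such as `// Token is accepted via GET here; links embed it from $_SESSION['token']` records the trade-off for the next maintainer.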

+ 0 - 2
web/download/web-log/index.php

@@ -24,5 +24,3 @@ if ($return_var == 0 ) {
         echo $file . "\n";
     }
 }
-
-?>

+ 17 - 2
web/edit/file/index.php

@@ -29,6 +29,20 @@ if (($_SESSION['user'] == 'admin') && (!empty($_SESSION['look']))) {
         $content = '';
         $path = $_REQUEST['path'];
         if (!empty($_POST['save'])) {
+
+            // Check token
+            if ((!isset($_POST['token'])) || ($_SESSION['token'] != $_POST['token'])) {
+                header('Location: /login/');
+                exit();
+            }
+
+            exec (HESTIA_CMD . "v-open-fs-file ".escapeshellarg($user)." ".escapeshellarg($path), $devnull, $return_var);
+            if ($return_var != 0) {
+                print 'Error while opening file';
+                exit;
+            }
+            $devnull=null;
+
             $fn = tempnam ('/tmp', 'vst-save-file-');
             if ($fn) {
                 $contents = $_POST['contents'];
@@ -39,7 +53,7 @@ if (($_SESSION['user'] == 'admin') && (!empty($_SESSION['look']))) {
                 chmod($fn, 0644);
 
                 if ($f) {
-                    exec (HESTIA_CMD . "v-copy-fs-file {$user} {$fn} ".escapeshellarg($path), $output, $return_var);
+                    exec (HESTIA_CMD . "v-copy-fs-file ".escapeshellarg($user)." ".escapeshellarg($fn)." ".escapeshellarg($path), $output, $return_var);
                     $error = check_return_code($return_var, $output);
                     if ($return_var != 0) {
                         print('<p style="color: white">Error while saving file</p>');
@@ -50,7 +64,7 @@ if (($_SESSION['user'] == 'admin') && (!empty($_SESSION['look']))) {
             }
         }
 
-        exec (HESTIA_CMD . "v-open-fs-file {$user} ".escapeshellarg($path), $content, $return_var);
+        exec (HESTIA_CMD . "v-open-fs-file ".escapeshellarg($user)." ".escapeshellarg($path), $content, $return_var);
         if ($return_var != 0) {
             print 'Error while opening file'; // todo: handle this more styled
             exit;
@@ -64,6 +78,7 @@ if (($_SESSION['user'] == 'admin') && (!empty($_SESSION['look']))) {
 <form id="edit-file-form" method="post">
 <!-- input id="do-backup" type="button" onClick="javascript:void(0);" name="save" value="backup (ctrl+F2)" class="backup" / -->
 <input type="submit" name="save" value="Save" class="save" />
+<input type="hidden" name="token" value="<?=$_SESSION['token']?>" />
 
 
 <textarea name="contents" class="editor" id="editor" rows="4" style="display:none;width: 100%; height: 100%;"><?=htmlentities($content)?></textarea>
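Review bot: The new `exec (HESTIA_CMD . "v-open-fs-file ...", $devnull, ...)` before the save discards its output and appears to act as a permission gate, but nothing says so; a comment such as `// Pre-flight: refuse the save if the user cannot open $path` (confirm that this is the intended check) would make the duplicate open call understandable. Its failure branch prints a bare `'Error while opening file'` while the save failure a few lines down prints a styled paragraph; matching the two would keep the page consistent. The hidden field added in the last hunk emits the session token unescaped; `value="<?=htmlentities($_SESSION['token'])?>"` matches how `$content` is emitted on the next line.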

+ 7 - 0
web/edit/ip/index.php

@@ -51,6 +51,13 @@ unset($output);
 
 // Check POST request
 if (!empty($_POST['save'])) {
+
+    // Check token
+    if ((!isset($_POST['token'])) || ($_SESSION['token'] != $_POST['token'])) {
+        header('Location: /login/');
+        exit();
+    }
+
     $v_ip = escapeshellarg($_POST['v_ip']);
 
     // Change Status

+ 6 - 0
web/generate/ssl/index.php

@@ -27,6 +27,12 @@ if (!isset($_POST['generate'])) {
     exit;
 }
 
+// Check token
+if ((!isset($_POST['token'])) || ($_SESSION['token'] != $_POST['token'])) {
+    header('Location: /login/');
+    exit();
+}
+
 // Check input
 if (empty($_POST['v_domain'])) $errors[] = __('Domain');
 if (empty($_POST['v_country'])) $errors[] = __('Country');

+ 6 - 0
web/restart/service/index.php

@@ -5,6 +5,12 @@ ob_start();
 session_start();
 include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
 
+// Check token
+if ((!isset($_GET['token'])) || ($_SESSION['token'] != $_GET['token'])) {
+    header('Location: /login/');
+    exit();
+}
+
 if ($_SESSION['user'] == 'admin') {
     if (!empty($_GET['srv'])) {
         if ($_GET['srv'] == 'iptables') {

+ 6 - 0
web/schedule/backup/index.php

@@ -5,6 +5,12 @@ ob_start();
 session_start();
 include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
 
+// Check token
+if ((!isset($_GET['token'])) || ($_SESSION['token'] != $_GET['token'])) {
+    header('Location: /login/');
+    exit();
+}
+
 $v_username = escapeshellarg($user);
 exec (HESTIA_CMD."v-schedule-user-backup ".$v_username, $output, $return_var);
 if ($return_var == 0) {

+ 6 - 0
web/schedule/restore/index.php

@@ -6,6 +6,12 @@ session_start();
 
 include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
 
+// Check token
+if ((!isset($_GET['token'])) || ($_SESSION['token'] != $_GET['token'])) {
+    header('Location: /login/');
+    exit();
+}
+
 $backup = escapeshellarg($_GET['backup']);
 
 $web = 'no';

+ 6 - 0
web/start/service/index.php

@@ -5,6 +5,12 @@ ob_start();
 session_start();
 include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
 
+// Check token
+if ((!isset($_GET['token'])) || ($_SESSION['token'] != $_GET['token'])) {
+    header('Location: /login/');
+    exit();
+}
+
 if ($_SESSION['user'] == 'admin') {
     if (!empty($_GET['srv'])) {
         if ($_GET['srv'] == 'iptables') {

+ 6 - 0
web/stop/service/index.php

@@ -5,6 +5,12 @@ ob_start();
 session_start();
 include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
 
+// Check token
+if ((!isset($_GET['token'])) || ($_SESSION['token'] != $_GET['token'])) {
+    header('Location: /login/');
+    exit();
+}
+
 if ($_SESSION['user'] == 'admin') {
     if (!empty($_GET['srv'])) {
         if ($_GET['srv'] == 'iptables') {

+ 1 - 1
web/templates/admin/list_backup.html

@@ -1,7 +1,7 @@
     <div class="l-center">
       <div class="l-sort clearfix noselect">
         <div class="l-unit-toolbar__buttonstrip">
-          <a href="/schedule/backup/" class="ui-button cancel" title="<?=__('Create Backup')?>"><i class="fas fa-plus-circle status-icon green"></i> <?=__('Create Backup')?></a>
+          <a href="/schedule/backup/?token=<?=$_SESSION['token']?>" class="ui-button cancel" title="<?=__('Create Backup')?>"><i class="fas fa-plus-circle status-icon green"></i> <?=__('Create Backup')?></a>
           <a href="/list/backup/exclusions/" class="ui-button cancel" title="<?=__('backup exclusions')?>"><i class="fas fa-folder-minus status-icon orange"></i> <?=__('backup exclusions')?></a>
         </div>
         <div class="l-sort-toolbar clearfix">
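Review bot: The `?token=<?=$_SESSION['token']?>` inserted into the href is neither HTML-escaped nor URL-encoded, unlike the `htmlentities($_GET['backup'])` used for the neighbouring parameter in web/templates/admin/list_backup_detail.html; `?token=<?=urlencode($_SESSION['token'])?>` keeps the attribute well-formed whatever the token's alphabet. Placing the token in a link's query string also exposes it in logs and Referer headers, so a small POST form would be the more robust long-term shape for these state-changing actions.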

+ 1 - 1
web/templates/admin/list_backup_detail.html

@@ -2,7 +2,7 @@
       <div class="l-sort clearfix noselect">
         <div class="l-unit-toolbar__buttonstrip">
           <a class="ui-button cancel" id="btn-back" href="/list/backup/"><i class="fas fa-arrow-left status-icon blue"></i> <?=__('Back')?></a>
-          <a href="/schedule/restore/?backup=<?=htmlentities($_GET['backup'])?>" class="ui-button cancel" title="<?=__('Restore All')?>"><i class="fas fa-undo status-icon green"></i> <?=__('Restore All')?></a>
+          <a href="/schedule/restore/?token=<?=$_SESSION['token']?>&backup=<?=htmlentities($_GET['backup'])?>" class="ui-button cancel" title="<?=__('Restore All')?>"><i class="fas fa-undo status-icon green"></i> <?=__('Restore All')?></a>
         </div>
         <div class="l-sort-toolbar clearfix">
           <table>